ueHash
Defines the properties of the hash used to validate a source key.
Description
This object defines the properties of the hash used to validate a source key. This object is only required on source keys that have a pin assigned.
Pins are not meant to be stored by the application. Instead the application should prompt the end user for the pin. The pin may be cached temporarily, but should not be stored permanently unless appropriate security measures such as strong encryption are taken.
Please note that access to certain methods will require a pin. These features are restricted to sources with a pin to minimize the impact of a merchant's source key being stolen.
Properties
| Type | Name | Description |
|---|---|---|
| string | Type | Hashing Function Used: Currently only "md5" and "sha1" are supported. |
| string | Seed | The data used to seed the hash: This value must be unique and cannot be reused. The system will reject the request if a Seed is reused. The reason for this is to minimize the damage if a HashValue is stolen. An intruder may manage to obtain a SourceKey and a HashValue, but will not be able to use the source key since the HashValue is based on a seed that cannot be reused. |
| string | HashValue | Hash string: The resulting hash. The hash is calculated by concatenating the SourceKey, the Seed and the Pin value. Do not place any characters in between these values. Once the values have been concatenated, calculate the hash string using the algorithm specified by Type. |
Examples
.NET VB
Dim hash As newtek.ueHash = New newtek.ueHash
Dim sourcekey As String
Dim pin As String
' The source key and pin are created by the merchant
sourcekey = "e42SYc86C4uvlvyP62ow54Kv93SZsJVm"
pin = "1234"
token = New newtek.ueSecurityToken
token.SourceKey = sourcekey
' To create the hash we must concat the sourcekey, seed and pin
Dim rand As System.Random = New System.Random
hash.Seed = Date.Now.ToUniversalTime & rand.Next()
Dim prehashvalue As String
prehashvalue = sourcekey & hash.Seed & pin
' Generate the md5 hash
hash.Type = "md5"
hash.HashValue = GenerateHash(prehashvalue)
token.PinHash = hash
Private Function GenerateHash(ByVal SourceText As String) As String
'Instantiate an MD5 Provider object
Dim md5 As New MD5CryptoServiceProvider
'Compute the hash value from the source
Dim ByteHash() As Byte = md5.ComputeHash(Encoding.Default.GetBytes(SourceText))
'Instantiate a StringBuilder object
Dim sb As New StringBuilder
'Repack binary hash as hex
For c As Integer = 0 To ByteHash.Length - 1
sb.AppendFormat("{0:x2}", ByteHash(c))
Next c
'Return the hex hash
Return sb.ToString
End Function
.NET C
MD5 md5Hasher = MD5.Create();
// Convert the input string to a byte array and compute the hash.
byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(input));
// Create a new Stringbuilder to collect the bytes
// and create a string.
StringBuilder sBuilder = new StringBuilder();
// Loop through each byte of the hashed data
// and format each one as a hexadecimal string.
for (int i = 0; i < data.Length; i++)
{
sBuilder.Append(data[i].ToString("x2"));
}
// Return the hexadecimal string.
return sBuilder.ToString();